Implementing ADFS for Single-Sign On to Office 365: Must It Be So Complex?

Webinar Registration

In this webinar, I will lead you through the steps of setting up Dirsync and an ADFS server for federated authentication between your on-premise Active Directory and Office 365.

Office 365 is Microsoft’s cloud based delivery of Exchange, SharePoint and other Office technologies. Without federation, you must maintain a new and separate account for each user in Office 365, in addition to the credential they already have in your AD. Also, you find yourself creating duplicate groups in Office 365 to manage access to different resources. Duplicate users and groups increases administration, damages the user experience and creates big security risks.

You can eliminate that doubling of user accounts by implementing federation. First, you need to install Dirsync with synchronizes changes in your AD to Office 365. Then, you install ADFS which is Windows’ built-in federation server. After installing ADFS, you set up a trust relationship between Office 365 and your domain.

In this webinar, I’ll go over these steps in detail and discuss issues like:

What needs to be opened on your firewall?

Should you implement an ADFS proxy?

What kind of SSL certificate do you need?

How to make ADFS fault-tolerant?

That latter point is particularly important because think about it. If any component of your federated identity infrastructure (Internet connection, firewall, router, switches or ADFS server) goes down, so does your access to the cloud. That’s bad if you have multiple offices or mobile users because even though your users still have access to the Internet and even though Office 365 is still up, you can’t access it because it can’t reach your AD for authentication.

Microsoft does provide for ADFS high-availability but it requires Cluster Services, Network Load Balancing and does not address the fault-tolerance of other components such as your Internet connection. Unless you are very big enterprise with a data center that has multiple Internet connections and a fault tolerant network, you can’t ensure access to Office 365 using ADFS.

Most of us don’t have that kind of data center but most of us do have at least 2 different sites with domain controllers. If you could put an ADFS server at each site, you’d have complete redundancy of every component and thereby ensure continuous availability of Office 365. But ADFS clusters have to be on the same subnet and require a network load balancer. It’s ironic that migrating to the cloud can require such a significant amount of on-premise infrastructure upgrades.

This is where our sponsor, Centrify, comes in. Corey Williams, Senior Director of Product Management, will show how Centrify provides an alternative to ADFS that is much, much simpler to deploy and allows you to leverage your different sites provide fault-tolerant authentication for Office 365. You’ll see how Centrify features:

5 min install

No servers in DMZ

No holes in firewall

No public certs required

Don’t miss this real training for free™ event! Please register now!

First Name:

Last Name:

Work Email:

Phone:

Organization:

Country:

State:

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us.